Dissolution of Hacker Group Might Not End Attacks

Facing increasing pressure from law enforcement agencies over its brazen computer attacks, the small group of hackers known as Lulz Security announced over the weekend that it would disband.

But security experts said on Sunday that the dissolution of the group might not signal an end to the attacks, which have hit dozens of Web sites, including those of prominent targets like the Central Intelligence Agency, the United States Senate, the Arizona state police and Sony.

Indeed, in its farewell message posted on Saturday, the group, also known as LulzSec, urged other hackers to join the “revolution” aimed at governments and corporations that it started recently with Anonymous, a much larger collective of politically minded hackers from which many of the LulzSec members sprung.

“It looks like these sort of ‘hacktivist’ ideas are spreading and gaining popularity,” said Dino A. Dai Zovi, a prominent independent security consultant. He said that LulzSec appeared to be trying to inspire others to join a sprawling, if fragmented, array of local groups, which could feed more attacks.

In recent weeks, LulzSec has become a target itself, as global law enforcement authorities and rival hackers have gone after the group. One man associated with LulzSec, Ryan Cleary, was arrested last week in Britain. Meanwhile, a growing assemblage of rival hackers has been working to unmask the core half-dozen LulzSec members and feed information on them to the authorities.

American officials on Sunday characterized the attacks carried out by LulzSec as “nuisances” rather than real security threats. One government official said that LulzSec had never penetrated government servers or stolen any classified information.

“What we are really worried about is people getting access to our systems, or putting malware on it,” said the official, speaking on condition of anonymity.

The official said that even though it was possible that LulzSec had disbanded, hackers tended to operate in a world of shifting alliances and it would be easy for a new group copying LulzSec’s techniques to appear in the future.

Photo

An image the Lulz Security hacker group posted on the PBS Web site in an attack last month.Credit
Associated Press

“All it takes is one guy in his basement to do this, not an organized group,” the official said.

On Monday, the Department of Homeland Security plans to introduce a system to help institutions eliminate common programming errors that allow hackers to easily infiltrate databases and steal user names and passwords. The agency’s hope is that the program, which is voluntary, will make it easier for companies and agencies to better secure their corners of the Internet, thus contributing to a safer global network.

Some security experts and hackers were skeptical of LulzSec’s sudden about-face and said they believed the group intended to continue its activities. The latest announcement could be just another ploy for attention, rival hackers said on Twitter and on private online message boards.

Over the last several weeks, LulzSec had said repeatedly on its Twitter feed that it planned to continue attacking governments and financial institutions indefinitely.

Members of LulzSec did not respond to phone calls and e-mails on Sunday.

Whatever happens to LulzSec, the brash and public brand of hacking that it embraced and defined may be here to stay, some experts say. The group’s attacks on prominent targets, accompanied by raucous bragging on social networks and chat rooms, helped it amass more than 280,000 followers on Twitter. It has used that megaphone, as well as chat rooms, to try to recruit more hackers to its ranks.

Some of LulzSec’s activities had a political tinge. For example, it said its theft and public disclosure of Arizona law enforcement records was in response to the state’s tough laws aimed at illegal immigrants. But the group claimed that its hacking was primarily a celebration of the “lulz,” or laughs, and the members seemed to lap up the media attention they generated.

But if LulzSec had continued, it would have faced an increasing risk that its members would be captured, said Chris Wysopal, the chief technology officer of the security firm Veracode.

The recent flurry of hacking done for notoriety rather than financial gain “feels like a kind of return to a period in the past,” said Gabriella Coleman, an assistant professor at New York University who is studying groups like LulzSec and Anonymous.

Photo

An image posted on Lulzsecurity.com after the group said it had attacked the Web site of the United States Senate this month.

In the late 1980s and early 1990s, a number of hacker groups brazenly attacked some major institutions. That wave was largely squelched after a crackdown in which well-known hackers, including Kevin Mitnick, were caught and given heavy punishments, Ms. Coleman said.

After that, hackers began working more quietly, and many joined the security industry, where there was a safer place to employ their skills. Meanwhile, organized crime began moving online, following the money that was flowing through Web-based commerce and banking systems.

The return of more public hacking has been inspired by WikiLeaks, whose disclosure of reams of United States government documents showed hackers and the computer adept that they could use their skills to participate in a new way in the public sphere, Ms. Coleman said.

That notion was fed by Anonymous, a large collective of online hackers that opposed the Church of Scientology, championed freedom on the Internet and came to the defense of WikiLeaks by attacking the Web sites of companies like MasterCard and PayPal, which had refused to process donations to WikiLeaks after it disclosed confidential diplomatic cables.

More recently, Anonymous has gotten behind an array of international political causes, from the democratic uprisings in the Middle East to anticorruption protests in India.

LulzSec began as a splinter group from Anonymous, and LulzSec’s members now seem to be focusing on operating through that larger network.

To judge from purported discussions between LulzSec members that were posted online by a rival hacker known as the Jester, the internal operations of LulzSec seem as chaotic as the anarchistic behavior online. The messages show continual infighting among group members as pressure from law enforcement agencies has increased, and some members have reportedly quit.

But publicly, LulzSec insisted that its 50 days of online pandemonium had come to an end, its members would continue attacks on governments and corporations, either as part of a different group or acting individually.

Perhaps to win allies, it called the new effort “AntiSec” in an apparent effort to tap an older, similarly named movement among malicious hackers known as “black hats” that opposed working cooperatively with software makers and the security industry to fix security vulnerabilities.

Mark Mazzetti contributed reporting.

A version of this article appears in print on June 27, 2011, on Page B1 of the New York edition with the headline: Saying It’s Disbanding, Hacker Group Urges New Cyberattacks. Order Reprints|Today's Paper|Subscribe